package com.example.sq.config;

import com.example.sq.service.UserDetailServiceImpl;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
import org.springframework.security.crypto.password.MessageDigestPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;

import javax.annotation.Resource;
import javax.sql.DataSource;
import java.net.PasswordAuthentication;
import java.util.HashMap;
import java.util.Map;

@Configuration
public class MyWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {

    @Resource
    private UserDetailServiceImpl userDetailService;

    @Resource
    private DataSource dataSource;


    /**
     * 配置记住我功能的数据源并注入容器
     *
     * @return
     */
    @Bean
    public PersistentTokenRepository persistentTokenRepository(){
        JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
        // 设置数据源
        tokenRepository.setDataSource(dataSource);
        // 第一次启动时是否创建记住我功能的数据表
       // tokenRepository.setCreateTableOnStartup(true);
        return tokenRepository;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        // 进行 HttpSecurity 对象的配置
        http.authorizeRequests(a -> a
                        // 匹配到的文件放行
                        .antMatchers("/**/*.js").permitAll()
                        .regexMatchers(".+[.]jpg").hasRole("admin")
                        .mvcMatchers("/abc").servletPath("/").permitAll()
                         //没有匹配到的路径都需要认证之后才可以访问
                        .anyRequest().authenticated()
                        //.access("@accessPermissionHandler.hasPermission(request,authentication)")
                )
                .csrf(c -> c.disable())
                .formLogin()
                .and()
                .exceptionHandling().accessDeniedHandler(new MyAccessDeniedHandler())
                .and().rememberMe() // 开启记住我的功能
                // 自定义登录逻辑
                .userDetailsService(userDetailService)
                // 指定记住我的信息存储位置
                .tokenRepository(persistentTokenRepository());

    }


}





